You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
146 lines
5.1 KiB
146 lines
5.1 KiB
apiVersion: tekton.dev/v1beta1 |
|
kind: Task |
|
metadata: |
|
annotations: |
|
tekton.dev/categories: Git |
|
tekton.dev/displayName: git cli |
|
tekton.dev/pipelines.minVersion: 0.21.0 |
|
tekton.dev/platforms: linux/amd64,linux/s390x,linux/ppc64le |
|
tekton.dev/tags: git |
|
creationTimestamp: "2023-06-20T22:58:05Z" |
|
generation: 2 |
|
labels: |
|
app.kubernetes.io/version: "0.4" |
|
hub.tekton.dev/catalog: tekton |
|
name: git-cli |
|
namespace: psse-scanchain-prod |
|
resourceVersion: "3453559180" |
|
uid: 95fc93dd-8780-41ab-9477-b698762dc1de |
|
spec: |
|
description: |- |
|
This task can be used to perform git operations. |
|
Git command that needs to be run can be passed as a script to the task. This task needs authentication to git in order to push after the git operation. |
|
params: |
|
- default: cgr.dev/chainguard/git:root-2.39@sha256:7759f87050dd8bacabe61354d75ccd7f864d6b6f8ec42697db7159eccd491139 |
|
description: | |
|
The base image for the task. |
|
name: BASE_IMAGE |
|
type: string |
|
- default: "" |
|
description: | |
|
Git user name for performing git operation. |
|
name: GIT_USER_NAME |
|
type: string |
|
- default: "" |
|
description: | |
|
Git user email for performing git operation. |
|
name: GIT_USER_EMAIL |
|
type: string |
|
- default: | |
|
git help |
|
description: The git script to run. |
|
name: GIT_SCRIPT |
|
type: string |
|
- default: /root |
|
description: | |
|
Absolute path to the user's home directory. Set this explicitly if you are running the image as a non-root user or have overridden |
|
the gitInitImage param with an image containing custom user configuration. |
|
name: USER_HOME |
|
type: string |
|
- default: "true" |
|
description: Log the commands that are executed during `git-clone`'s operation. |
|
name: VERBOSE |
|
type: string |
|
results: |
|
- description: The precise commit SHA after the git operation. |
|
name: commit |
|
type: string |
|
- name: archive-name |
|
type: string |
|
description: The archive name produced by the git archive |
|
steps: |
|
- env: |
|
- name: HOME |
|
value: $(params.USER_HOME) |
|
- name: PARAM_VERBOSE |
|
value: $(params.VERBOSE) |
|
- name: PARAM_USER_HOME |
|
value: $(params.USER_HOME) |
|
- name: WORKSPACE_OUTPUT_PATH |
|
value: $(workspaces.output.path) |
|
- name: WORKSPACE_SSH_DIRECTORY_BOUND |
|
value: $(workspaces.ssh-directory.bound) |
|
- name: WORKSPACE_SSH_DIRECTORY_PATH |
|
value: $(workspaces.ssh-directory.path) |
|
- name: WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND |
|
value: $(workspaces.basic-auth.bound) |
|
- name: WORKSPACE_BASIC_AUTH_DIRECTORY_PATH |
|
value: $(workspaces.basic-auth.path) |
|
image: $(params.BASE_IMAGE) |
|
name: git |
|
resources: {} |
|
script: | |
|
#!/usr/bin/env sh |
|
set -eu |
|
|
|
if [ "${PARAM_VERBOSE}" = "true" ] ; then |
|
set -x |
|
fi |
|
|
|
if [ "${WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND}" = "true" ] ; then |
|
cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.git-credentials" "${PARAM_USER_HOME}/.git-credentials" |
|
cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.gitconfig" "${PARAM_USER_HOME}/.gitconfig" |
|
chmod 400 "${PARAM_USER_HOME}/.git-credentials" |
|
chmod 400 "${PARAM_USER_HOME}/.gitconfig" |
|
fi |
|
|
|
if [ "${WORKSPACE_SSH_DIRECTORY_BOUND}" = "true" ] ; then |
|
cp -R "${WORKSPACE_SSH_DIRECTORY_PATH}" "${PARAM_USER_HOME}"/.ssh |
|
chmod 700 "${PARAM_USER_HOME}"/.ssh |
|
chmod -R 400 "${PARAM_USER_HOME}"/.ssh/* |
|
fi |
|
|
|
# Setting up the config for the git. |
|
git config --global user.email "$(params.GIT_USER_EMAIL)" |
|
git config --global user.name "$(params.GIT_USER_NAME)" |
|
|
|
eval '$(params.GIT_SCRIPT)' |
|
|
|
RESULT_SHA="$(git rev-parse HEAD | tr -d '\n')" |
|
EXIT_CODE="$?" |
|
if [ "$EXIT_CODE" != 0 ] |
|
then |
|
exit $EXIT_CODE |
|
fi |
|
# Make sure we don't add a trailing newline to the result! |
|
printf "%s" "$RESULT_SHA" > "$(results.commit.path)" |
|
workingDir: $(workspaces.source.path) |
|
workspaces: |
|
- description: custom source tar location |
|
name: source-tars |
|
- description: A workspace that contains the fetched git repository. |
|
name: source |
|
- description: | |
|
An optional workspace that contains the files that need to be added to git. You can |
|
access the workspace from your script using `$(workspaces.input.path)`, for instance: |
|
|
|
cp $(workspaces.input.path)/file_that_i_want . |
|
git add file_that_i_want |
|
# etc |
|
name: input |
|
optional: true |
|
- description: | |
|
A .ssh directory with private key, known_hosts, config, etc. Copied to |
|
the user's home before git commands are executed. Used to authenticate |
|
with the git remote when performing the clone. Binding a Secret to this |
|
Workspace is strongly recommended over other volume types. |
|
name: ssh-directory |
|
optional: true |
|
- description: | |
|
A Workspace containing a .gitconfig and .git-credentials file. These |
|
will be copied to the user's home before any git commands are run. Any |
|
other files in this Workspace are ignored. It is strongly recommended |
|
to use ssh-directory over basic-auth whenever possible and to bind a |
|
Secret to this Workspace over other volume types. |
|
name: basic-auth |
|
optional: true
|
|
|